All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Infoblox Uncovers 236,000+ DCloud Uni-App Sites Used in Crypto Scams and Phishing Operations

By

The Hacker News

19h ago· 5 min readenNews
technologyfinancesecuritycybercrime

Summary

Infoblox has uncovered a massive network of over 236,000 websites built using DCloud Uni-App, a legitimate Chinese open-source development framework. These sites are used for cryptocurrency scams, pig-butchering operations, WhatsApp phishing, fake gambling platforms, brand impersonation, and crypto wallet drainers. The DNS threat intelligence company identified 236,493 distinct second-level domains involved in these operations, which have dramatically scaled up over the past two years.

Source

Twitter / XInfoblox Uncovers 236,000+ DCloud Uni-App Sites Used in Crypto Scams and Phishing Operationsthehackernews.com

Key quotes

· 3 pulled
For the last two years, there's been a dramatic scaling up of these operations using DCloud Uni-App templates.
The templates power bogus cryptocurrency exchanges, multi-language pig-butchering operations, WhatsApp phishing networks, fake gambling platforms, brand-impersonation sites, and crypto wallet drainers.
A total of 236,493 distinct second-level domains have been identified by the DNS threat intelligence company.
Snippet from the RSS feed
Infoblox found 236,493 DCloud Uni-App domains powering crypto scams, WhatsApp phishing, fake gambling sites, and wallet drainers.

You might also wanna read

Cybercriminals use fake GitHub, YouTube, and SourceForge profiles to fuel cryptocurrency heist

Cybercriminals have built an elaborate global reputation network using GitHub repositories, SourceForge projects, fake YouTube videos, and o

darkreading.com·7d ago

How a botnet abused my open source project's cloud version to phish 14,000 people

The author, who runs an open source project management tool called Kaneo, discovered that a botnet had abused the hosted cloud version of th

andrej.sh·1mo ago

North Korean-linked phishing campaign targets developers with fake job offers to steal cryptocurrency

A suspected North Korean-linked phishing crew sent over 250 fake developer job pitches to employees at nearly 100 organizations (mostly US-b

theregister.com·21d ago

24 billion records exposed in massive data leak containing usernames, passwords, and login URLs

Cybernews researchers discovered a massive database of 24 billion exposed records, including usernames, email addresses, plaintext passwords

cybernews.com·9d ago

IDMerit Data Breach Exposes 1 Billion Identity Verification Records

A massive data breach at IDMerit, a company specializing in identity verification services, exposed approximately 1 billion sensitive person

aol.com·3mo ago

Massive Data Breach Compilation: Nearly 2 Billion Email Addresses and 1.3 Billion Passwords Exposed

The article discusses a massive data breach compilation containing nearly 2 billion unique email addresses and 1.3 billion unique passwords,

troyhunt.com·7mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.